binect-chrome/RELEASE_SMOKE.md

# Release Smoke Checklist

Repeatable verification before Chrome Web Store submission. Run after every release candidate build.

## Quick start

```bash
npm run smoke
```

This runs all **automated** checks (build, test, lint, dist verification, metadata-only compliance) and prints the **manual** Chrome steps below.

---

## Automated checks

| Step | Command | Pass criteria |
|------|---------|---------------|
| Type-check | `tsc --noEmit` | No TypeScript errors |
| Lint | `eslint src/**/*.{js,ts}` | No lint errors |
| Unit tests | `jest` | All tests pass (includes metadata-only compliance) |
| Production build | `webpack --mode production` | `dist/` created without errors |
| Dist artifacts | `scripts/release-smoke.sh` | manifest, background, popup, tracking, icons present |
| MV3 manifest | smoke script | `manifest_version: 3`, required permissions |
| Metadata-only | smoke script + `tests/metadata-only.test.ts` | No PDF bytes persisted to `chrome.storage` |

---

## Manual Chrome verification

Requires Chrome desktop and Binect test credentials.

### 1. Load unpacked extension

1. Run `npm run build` (or `npm run smoke` which builds automatically).
2. Open `chrome://extensions/`.
3. Enable **Developer mode**.
4. Click **Load unpacked** and select the `dist/` directory.
5. Confirm BinectChrome appears with version from `public/manifest.json`.
6. Accept any new permission prompts.

**Pass:** Extension loads without service-worker registration errors. Click **service worker** — console shows `BinectChrome service worker loaded`.

### 2. Trigger PDF detection

**Recommended (viewer detection):**

1. Open: `https://www.w3.org/WAI/ER/tests/xhtml/testfiles/resources/pdf/dummy.pdf`
2. Click the BinectChrome toolbar icon.

**Pass:** Popup shows `dummy.pdf`, source domain, and **Send PDF to Binect** button.

**Optional (download detection):**

1. Download: `https://www.africau.edu/images/default/sample.pdf`
2. Check service worker console for `[PDF Detector] PDF detected!`
3. Badge shows `1` (when service worker is awake).

**Pass:** Popup finds the PDF (directly or via recent-downloads fallback).

### 3. Verify Binect upload (metadata-only path)

1. Sign in with Binect credentials in the popup.
2. Click **Send PDF to Binect**.
3. Wait for **Uploading…** → **Success!** with a document ID.

**Pass:** Upload completes; popup shows document in basket (`in_basket` status).

### 4. Confirm zero-retention storage

1. Right-click popup → **Inspect** → **Application** → **Storage** → **Extension Storage**.
2. Inspect stored keys:

| Key | Expected content |
|-----|------------------|
| `documentProxies` | Filename, URL, size, hash, Binect status — **no PDF bytes** |
| `credentials` | Encrypted username/password — **no PDF data** |
| `transferTracking` | Timestamp, domain, size, result — **no PDF content** |

**Pass:** No key contains base64 PDF content or raw byte arrays. Only metadata and encrypted credentials.

### 5. Tracking page

1. Click **?** in the popup footer.
2. Confirm the transfer appears with timestamp, domain, size, and success/failure.

**Pass:** Transfer logged locally; CSV export works.

---

## Failure triage

| Symptom | Check |
|---------|-------|
| Service worker won't register | `dist/background.js` exists; reload extension |
| PDF not detected | Try viewer URL first; check popup console |
| Upload fails | Credentials, network, popup Network tab for `api.binect.de` |
| Storage has PDF bytes | **Blocker** — violates zero-retention; do not ship |

---

## Related docs

- `QUICK_TEST_GUIDE.md` — detailed debug steps
- `DEVELOPMENT.md` — dev workflow and Chrome URLs
- `SCOPE.md` — in-scope metadata-only proxy model
- `dev-helper.sh verify` — quick dist check without full smoke